Search CVE reports

Toggle filters

11 – 20 of 112 results

CVE-2026-22857

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on the error path....

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release
Show less packages

CVE-2026-22856

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release
Show less packages

CVE-2026-22855

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release
Show less packages

CVE-2026-22854

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release
Show less packages

CVE-2026-22853

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints,...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release
Show less packages

CVE-2026-22852

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release
Show less packages

CVE-2026-22851

Medium priority
Needs evaluation

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically,...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Needs evaluation
freerdp2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
freerdp3 Needs evaluation Not in release
Show less packages

CVE-2025-68118

Medium priority
Not affected

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP’s certificate handling code on Windows platforms. The function `freerdp_certificate_data_hash_ uses` the...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Not affected
freerdp2 Not affected Not affected Not affected Not affected
freerdp3 Not affected Not in release
Show less packages

CVE-2025-4478

Medium priority

Some fixes available 2 of 3

A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service....

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Not affected
freerdp2 Not affected Not affected Not affected Not affected
freerdp3 Fixed Not in release
Show less packages

CVE-2024-32662

Low priority
Fixed

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when `WCHAR` string is read with twice the size it has and converted...

3 affected packages

freerdp, freerdp2, freerdp3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
freerdp Not in release Not in release Not in release Not affected
freerdp2 Not affected Not affected Not affected Not affected
freerdp3 Fixed Not in release Not in release
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON